package edu.whut.mall.admin.shiro.exception;

import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.authz.UnauthorizedException;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.ResponseBody;

/**
 * Author: smq
 * Unit: D9lab
 * Date: 2021-06-13 17.40
 * Description: 当使用注解来控制管理员访问权限时，由于过滤器不一样，
 *              则设置shiroFilterFactoryBean.setUnauthorizedUrl会报异常，
 *              所以需要配置全局统一异常处理类，但如果使用shiroconfig内部配置权限，
 *              则不需要处理异常，直接设置shiroFilterFactoryBean.setUnauthorizedUrl即可
 */
@ControllerAdvice
public class NoPermissionException {
    @ResponseBody
    @ExceptionHandler(UnauthorizedException.class)
    public String handleShiroException(Exception ex) {
        System.err.println("=================无权限=====================");
        return "无权限";
    }

    @ResponseBody
    @ExceptionHandler(AuthorizationException.class)
    public String authorizationException(Exception ex) {
        System.err.println("=================权限认证失败=====================");
        return "权限认证失败";
    }
}

